McAfee Labs (NYSE: MFE is encouraging users to securely manage their smartphone devices like PCs because of emerging security threats and risks.
Dave Marcus, director of security research and communications at McAfee, says that while there aren’t “a lot of direct (security) issues” involving social media, applications and smartphones at this time, it is something users should be cautious of.
“There isn’t a lot of education out there about this at this time,” Marcus said. “What this all comes down to are the privacy settings on the device. For example, in order to join a Facebook group, you have to accept that the host of the group can see the information in your (profile) account. The security risk is that users may then get unwanted e-mails, or have their friends list exposed.”
Marcus says channel partners should reach out to their customers and get discussions started now. Partners can leverage the relationships they have with their customer base by talking about trends and potential security solutions and training services. Partners should also explain to their customers that handhold devices should be treated like managed devices.
“It’s really a PC in their hands,” Marcus says. “Partners should suggest to their customers that they apply policies to these devices and also manage them remotely to keep better track of the data and behaviour that are on them.”
David Senf, director of infrastructure solutions group at IDC Canada, agrees that right now, attacks on mobile devices is not a “serious threat,” but does say it can be a “nuisance.”
“There isn’t a direct threat to the loss of sensitive business data (on smartphone devices), for example,” Senf said. “This is related to how social networks are used and (how) settings (are) adjusted. Privacy settings on most social networks are set to be wide open. In short, (users should) know the particular social network’s approach to privacy.”
Attackers could then see whoever is on the targeted user’s friends list to send unwanted e-mails or links to them too, Marcus added.
Especially in the digital age of the Internet and transactional selling and purchasing, Marcus says since many of these tasks can be done on PCs now, there’s the possibility that smartphones will also get these same capabilities.
“When this happens and becomes more common place, we’ll see more threats too because this has to do with money, money, money,” Marcus explains. “Attackers want your personal information so they may bombard you with spam, or phishing attempts. Users should be aware of this and re-train themselves when it comes to viewing their smartphones as PCs in their hands.”
Senf explains that hackers “work on a simple math because they want the biggest return on their exploits.” The growing number of smartphones among consumers and business users has made these devices a target for security attacks, he adds. Throughout the course of this year, Senf says he sees a dramatic increase in the number of mobile attacks, so end-users should be aware of this.
“The more capabilities (that) get added to BlackBerry, iPhone, Android devices and other mobile devices, the more vulnerability are potentially opened for the bad guys to exploit,” Senf said. “Canadian organizations should ensure that they reduce the attack surface on their devices by turning off any and all features that they don’t absolutely require. Whether that’s switching off Bluetooth capabilities or keeping to a finite set of trusted applications, less is better.”